Threat Modeling

Threat modeling has become one of the top security analysis methodologies that Microsoft’s developers use to identify risks and make better design, coding, and testing decisions. This book provides a clear, concise explanation of the threat-modeling process, describing a structured approach you can use to assess the security vulnerabilities for any application, regardless of platform. Software designers and developers discover how to use threat modeling during the specification phase of a new project or a major revision—from verifying application architecture to identifying and evaluating threats and designing countermeasures. Test engineers discover how to apply threat-modeling principles when creating test plans to verify results. It’s the essential, high-level reference for software professionals responsible for designing, refining, and maximizing the security features in their application architecture.

Key Book Benefits:

Explains the principles and process of threat modeling, as used by the security experts at Microsoft

Details a systematic approach for identifying, evaluating, and addressing security threats

Describes techniques that you can apply to any application?from Microsoft Windows® to J2EE

Discusses how hackers scrutinize applications for security vulnerabilities?and how you can apply that information to design countermeasures

Written by Microsoft specialists in threat modeling and application security